A perfectly written, professionally formatted email from a known vendor requesting a payment update—zero typos, correct domain prefix—is exactly the kind of message that slides past every traditional phishing filter. That's the new baseline for AI-generated phishing, and Amazon Bedrock's analysis pipeline is built to catch it by evaluating behavior, not spelling.
Why Grammar Filters Are Useless Against Modern Phishing
John, an IT security engineer at a mid-sized firm, used to flag emails with generic salutations, mismatched logos, and broken English. Those days are over. Generative AI now crafts thousands of unique, contextually accurate messages per campaign using OSINT scraped from professional networks and corporate websites. The threat isn't identifiable by what it looks like anymore—it's identifiable by what it knows and how it deviates from how a real sender normally communicates. Traditional SPF/DKIM/DMARC checks confirm the sending server is authorized, but they can't tell you whether the message matches a coworker's usual tone or request patterns.
Amazon Bedrock's Multi-Stage Analysis Pipeline
Amazon Bedrock runs incoming emails through a five-step pipeline. First, Guardrails filter for PII and sensitive content before analysis begins. Then the system constructs a prompt combining the email content, the sender's baseline communication patterns (logged from prior emails), organizational context, and known phishing examples stored in Amazon Bedrock Knowledge Bases. A foundation model (Claude Sonnet 4.5 in the reference implementation) evaluates three factors: content anomalies, behavioral deviation, and contextual alignment. Those three scores are combined into a single risk score from 0 to 100. Messages scored as safe (below 70) get delivered; suspicious ones get quarantined; dangerous ones get blocked outright. The whole pipeline runs in milliseconds alongside your existing routing infrastructure.
The Feedback Loop That Gets Smarter Over Time
The system maintains a sender baseline tracker that logs vocabulary, formality, typical request types, and communication frequency for each sender. When a coworker who normally sends quick one-liners suddenly writes a formal email requesting an urgent wire transfer, the behavioral deviation score spikes. False positives flagged by the security team update the sender baseline to account for legitimate variations. Confirmed phishing patterns get cataloged and fed into future analysis prompts as few-shot examples. Each cycle—Analyze, Score, Review, Learn, Enhance—improves detection accuracy. Early cycles require more hands-on classification, but the investment compounds: after enough iterations, the model catches subtle vendor impersonation attempts, like the sample where a legitimate domain 'example.com' was swapped for a lookalike 'example-website.com' alongside a first-ever payment change request referencing a real purchase order.
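The sender-baseline check described above, as an added example that is not from the AWS post or its reference implementation: a deterministic Python stand-in for the behavioral deviation factor (which the pipeline itself assigns to a foundation model), run over constructed messages. The class and function names, the weights, the equal-weight combination and the block cut-off of 90 are assumptions; only the 0 to 100 scale and the safe-below-70 threshold come from the text.

```python
from dataclasses import dataclass, field
from difflib import SequenceMatcher

@dataclass
class SenderBaseline:
    """Per-sender history (hypothetical structure, not a Bedrock API)."""
    domains: set = field(default_factory=set)
    request_types: set = field(default_factory=set)
    avg_words: float = 0.0
    count: int = 0
    def learn(self, domain, request_type, body):
        # Also the path a reviewed false positive takes to widen the baseline.
        n = len(body.split())
        self.avg_words = (self.avg_words * self.count + n) / (self.count + 1)
        self.count += 1
        self.domains.add(domain)
        self.request_types.add(request_type)

def lookalike(domain, known):
    """Unseen domain that embeds or closely resembles a known sender domain."""
    if domain in known:
        return False
    return any(k.rsplit(".", 1)[0] in domain
               or SequenceMatcher(None, domain, k).ratio() > 0.8 for k in known)

def behavioral_deviation(b, domain, request_type, body):
    """0-100 deviation from the baseline; weights are assumed for illustration."""
    score = 50 if lookalike(domain, b.domains) else 0
    score += 30 if request_type not in b.request_types else 0
    score += 20 if b.count and len(body.split()) > 3 * b.avg_words else 0
    return score

def risk_score(content, behavioral, contextual):
    # Equal weighting is an assumption; the article does not give the formula.
    return round((content + behavioral + contextual) / 3)

def route(risk, block_at=90):
    # "Below 70 is safe" is from the article; block_at is an assumed cut-off.
    if risk < 70:
        return "deliver"
    return "block" if risk >= block_at else "quarantine"

def vendor_sample():
    """Constructed data mirroring the article's vendor impersonation sample."""
    b = SenderBaseline()
    for body in ("Invoice attached for PO 1001.", "Shipment confirmed, thanks."):
        b.learn("example.com", "invoice", body)
    msg = "Please update our bank details before paying PO 1001. " * 4
    return behavioral_deviation(b, "example-website.com", "payment_change", msg)
```

Calling `learn` again with a message the security team has cleared is how a false positive widens the baseline, so the same sender and request type score lower on the next pass.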
Amazon Bedrock doesn't replace employee skepticism or verification procedures—it augments them with the same technology that made phishing harder to detect. The result is a defense that evolves in lockstep with the attacks, and the same feedback loop that catches today's impersonations will catch tomorrow's variants before they reach a single inbox.
Source: How Amazon Bedrock catches AI-generated phishing
Domain: aws.amazon.com